Your Macbook is bridging 2 different networks.
The first, from your router, would presumably be 192.168.1.0
That would make the router itself 192.168.1.1 & it will then hand out DHCP addresses from 192.168.1.2 up to as high as .254
In order to prevent potential IP Address conflicts. Apple's Internet Sharing will use an address of one order higher for each Ethernet connection you ask it to use [with Thunderbolt or USB adapters, this could be many, on rare occasions] so the first one will be 192.168.2.x, the one after 192.168.3.x etc
The only thing that puzzles me slightly is that the reported self-assigned address is 169.254.x.x. This is a private, self-assigned address that an interface will use if it cannot find a DHCP server to assign it one.
For a bridged connection, though, I would have expected it to assign itself 192.168.2.1, as the gateway for your bridge & not be trying to pick up a DHCP address at all, as it is the 'router & gateway' to your new node.
The fact that your second machine can connect successfully with an assigned address of 192.168.2.2 & a gateway of 192.168.2.1 would tell me that the self-assigned address might be misreported somewhere along the line; as otherwise it oughtn't to be able to connect.
After some extensive Googling I discovered this, which may explain the apparent discrepancy.
If you toggle your Internet Sharing on and off, you'll see the bridge0: device appear and disappear from ifconfig. This makes things tricky depending on the static IP you assigned your Pi as well as your Mac. If you chose to use DCHP for your Mac Ethernet connection, your Pi will only work with a static IP that looks like 169.254.x.x; however, when you turn on Internet Sharing, your Pi will then only work with an IP that looks like 192.168.2.x. It turns out that if you used DHCP for your Ethernet connection and your Ethernet has an IP of 169.254.x.x AND you have Internet Sharing on, you can still connect to your Pi via a 192.168.2.x address since now the bridge0: device is the one handing out the IP address to connected devices.
TL:DR
Don't set DHCP on your shared connection in the Macbook, because it is supposed to be the 'master'. Allow the OS to set it up itself, which it will do correctly, with a fixed IP of 192.168.2.1 for itself & 192.168.2.2 ..3 ..4 etc for devices using it as a bridge
After searching for hours, I still wasn't able to find a built-in command-line utility that does what I'm asking for. But I did find something else that's pretty close. It's PortMapper, a java applet that comes with a command-line interface to manage the port-mappings of your router (must be UPnP compatible).
Since my plan was to do everything from the terminal, I'll walk you through the steps:
# Download the latest version
curl -fSL "https://sourceforge.net/projects/upnp-portmapper/files/latest/download" -o portmapper.jar
# See the basic help
java -jar portmapper.jar -h
# List all port-forwarding rules
java -jar portmapper.jar -list
# Create a new rule
java -jar portmapper.jar -add -externalPort 7919 -internalPort 7919 -ip 192.168.1.2 -protocol tcp
# Delete a rule
java -jar portmapper.jar -delete -externalPort 7919 -protocol tcp
This assumes you have java installed and available in your shell
Best Answer
valid until 10.7, natd is deprecated in 10.8 and above but should still work
A solution found here:
First use "ifconfig" to see how the wireless and ethernet interfaces are called. Probably the wireless interface is "en1" and the (shared) ethernet interface is "bridge0".
IP-settings of the "other device":
Mac OS X has no direct GUI option to configure port forwarding. However, you can create a shell script as follows (open terminal and create a script called osx_fw.sh):
Make the script executable:
Simply run this script whenever you need to forward ports:
Depending on your system you probably have to setup or modify some firewall rules.
since 10.8
check this answer